All Products
Search
Document Center

Container Service for Kubernetes:CreateCluster

Last Updated:Feb 29, 2024

Creates a Container Service for Kubernetes (ACK) cluster. For example, you can create an ACK managed cluster, ACK dedicated cluster, ACK Serverless cluster, ACK Edge cluster, or registered cluster. When you create an ACK cluster, you need to configure the cluster information, components, and cloud resources used by ACK.

Operation description

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer.

Authorization information

The following table shows the authorization information corresponding to the API. The authorization information can be used in the Action policy element to grant a RAM user or RAM role the permissions to call this API operation. Description:

  • Operation: the value that you can use in the Action element to specify the operation on a resource.
  • Access level: the access level of each operation. The levels are read, write, and list.
  • Resource type: the type of the resource on which you can authorize the RAM user or the RAM role to perform the operation. Take note of the following items:
    • The required resource types are displayed in bold characters.
    • If the permissions cannot be granted at the resource level, All Resources is used in the Resource type column of the operation.
  • Condition Key: the condition key that is defined by the cloud service.
  • Associated operation: other operations that the RAM user or the RAM role must have permissions to perform to complete the operation. To complete the operation, the RAM user or the RAM role must have the permissions to perform the associated operations.
OperationAccess levelResource typeCondition keyAssociated operation
cs:CreateClusterWrite
  • Cluster
    acs:cs:{#regionId}:{#accountId}:cluster/*
  • cs:ClusterType
  • cs:ClusterSpec
  • cs:ClusterProfile
  • cs:EnableSecretEncryption
  • cs:EnableApiServerEip
  • cs:EnableAddonLogtailDs
  • cs:EnableCoreControlPlaneComponentsLog
none

Request syntax

POST /clusters

Request parameters

ParameterTypeRequiredDescriptionExample
bodyobjectNo

The request body.

namestringYes

The cluster name.

The name must be 1 to 63 characters in length, and can contain digits, letters, and hyphens (-). The name cannot start with a hyphen (-).

cluster-demo
region_idstringYes

The ID of the region in which you want to deploy the cluster.

cn-beijing
cluster_typestringYes

The cluster type. Valid value: ManagedKubernetes. You can create ACK managed clusters, ACK Serverless clusters, and ACK Edge clusters.

Kubernetes
cluster_specstringNo

The type of ACK managed cluster. Valid values:

  • ack.pro.small: ACK Pro cluster.
  • ack.standard: ACK Basic cluster.

Default value: ack.standard. If you leave this property empty, an ACK Basic cluster.is created.

For more information, see Overview of ACK Pro clusters.

ack.pro.small
kubernetes_versionstringNo

The Kubernetes version of the cluster. The Kubernetes versions supported by ACK are the same as the Kubernetes versions supported by open source Kubernetes. We recommend that you specify the latest Kubernetes version. If you do not set this parameter, the latest Kubernetes version is used.

You can create clusters of the latest two Kubernetes versions in the ACK console. You can create clusters of earlier Kubernetes versions by calling API operations. For more information about the Kubernetes versions supported by ACK, see Release notes on Kubernetes versions.

1.16.9-aliyun.1
runtimeruntimeNo

The container runtime. The default container runtime is Docker. containerd and Sandboxed-Container are also supported.

For more information about how to select a proper container runtime, see Comparison of Docker, containerd, and Sandboxed-Container.

vpcidstringYes

The virtual private cloud (VPC) in which you want to deploy the cluster. This parameter is required.

vpc-2zeik9h3ahvv2zz95****
pod_vswitch_idsarrayNo

The list of pod vSwitches. You need to specify at least one pod vSwitch for each node vSwitch and the pod vSwitches must not be the same as the node vSwitches (vswitch). We recommend that you specify pod vSwitches whose mask lengths are no greater than 19.

Note The pod_vswitch_ids parameter is required if the cluster uses Terway as the network plug-in.
stringNo

The list of pod vSwitches. You need to specify at least one pod vSwitch for each node vSwitch and the pod vSwitches must not be the same as the node vSwitches (vswitch). We recommend that you specify pod vSwitches whose mask lengths are no greater than 19.

Note The pod_vswitch_ids parameter is required if the cluster uses Terway as the network plug-in.
vsw-2ze97jwri7cei0mpw****
container_cidrstringNo

The CIDR block of pods. You can specify 10.0.0.0/8, 172.16-31.0.0/12-16, 192.168.0.0/16, or their subnets as the CIDR block of pods. The CIDR block of pods cannot overlap with the CIDR block of the VPC in which the cluster is deployed and the CIDR blocks of existing clusters in the VPC. You cannot modify the pod CIDR block after the cluster is created.

For more information about subnetting for ACK clusters, see Plan CIDR blocks for an ACK cluster that is deployed in a VPC.

Note This parameter is required if the cluster uses the Flannel plug-in.
172.20.0.0/16
service_cidrstringYes

The CIDR block of Services. Valid values: 10.0.0.0/16-24, 172.16-31.0.0/16-24, and 192.168.0.0/16-24. The CIDR block of Services cannot overlap with the CIDR block of the VPC (10.1.0.0/21) or the CIDR blocks of existing clusters in the VPC. You cannot modify the CIDR block of Services after the cluster is created.

By default, the CIDR block of Services is set to 172.19.0.0/20.

172.21.0.0/20
security_group_idstringNo

The ID of an existing security group. You need to choose between this parameter and the is_enterprise_security_group parameter. Cluster nodes are automatically added to the security group.

sg-bp1bdue0qc1g7k****
is_enterprise_security_groupbooleanNo

Specifies whether to create an advanced security group. This parameter takes effect only if security_group_id is left empty.

Note To use a basic security group, make sure that the sum of the number of nodes in the cluster and the number of pods that use Terway does not exceed 2,000. Therefore, if the cluster uses Terway, we recommend that you use an advanced security group.
  • true: creates an advanced security group.
  • false: does not create an advanced security group.

Default value: true.

true
snat_entrybooleanNo

Specifies whether to configure SNAT rules for the VPC where your cluster is deployed. Valid values:

  • true: automatically creates a NAT gateway and configures SNAT rules. Set this parameter to true if nodes and applications in the cluster need to access the Internet.
  • false: does not create a NAT gateway or configure SNAT rules. In this case, nodes and applications in the cluster cannot access the Internet.
Note If this feature is disabled when you create the cluster, you can also manually enable this feature after you create the cluster. For more information, see Manually create a NAT gateway and configure SNAT rules.

Default value: true.

true
endpoint_public_accessbooleanNo

Specifies whether to enable Internet access for the cluster. You can use an elastic IP address (EIP) to expose the API server. This way, you can access the cluster over the Internet.

  • true: enables Internet access.
  • false: disables Internet access. If you set this parameter to false, the API server cannot be accessed over the Internet.

Default value: false.

true
ssh_flagsbooleanNo

Specifies whether to enable SSH logon over the Internet. If this parameter is set to true, you can log on to master nodes in an ACK dedicated cluster over the Internet. This parameter does not take effect in ACK managed clusters.

  • true: enables SSH logon over the Internet.
  • false: disables SSH logon over the Internet.

Default value: false.

true
timezonestringNo

The time zone of the cluster.

Asia/Shanghai
node_cidr_maskstringNo

The maximum number of IP addresses that can be assigned to nodes. This number is determined by the node CIDR block. This parameter takes effect only if the cluster uses Flannel as the network plug-in.

Default value: 26.

25
user_castringNo

The custom certificate authority (CA) certificate used by the cluster.

-----BEGIN CERTIFICATE-----****
user_datastringNo

The user data of nodes.

IyEvdXNyL2Jpbi9iYXNoCmVjaG8gIkhlbGxvIEFD****
cluster_domainstringNo

The domain name of the cluster.

The domain name can contain one or more parts that are separated by periods (.). Each part cannot exceed 63 characters in length, and can contain lowercase letters, digits, and hyphens (-). Each part must start and end with a lowercase letter or digit.

cluster.local
node_name_modestringNo

The name of the custom node.

A custom node name consists of a prefix, an IP substring, and a suffix.

  • The prefix and suffix can contain multiple parts that are separated by periods (.). Each part can contain lowercase letters, digits, and hyphens (-), and must start and end with a lowercase letter or digit.
  • The IP substring length specifies the number of digits to be truncated from the end of the node IP address. The IP substring length ranges from 5 to 12.

For example, if the node IP address is 192.168.0.55, the prefix is aliyun.com, the length of the IP address substring is 5, and the suffix is test, the node name will be aliyun.com00055test.

aliyun.com00055test
custom_sanstringNo

Specifies custom subject alternative names (SANs) for the API server certificate to accept requests from specified IP addresses or domain names. Multiple IP addresses and domain names are separated by commas (,).

cs.aliyun.com
encryption_provider_keystringNo

The ID of a key that is managed by Key Management Service (KMS). The key is used to encrypt data disks. For more information, see KMS .

Note This feature supports only ACK Pro clusters.
0fe64791-55eb-4fc7-84c5-c6c7cdca****
service_account_issuerstringNo

Service accounts provide identities for pods when pods communicate with the API server of the cluster. service-account-issuer is the issuer of the serviceaccount token, which corresponds to the iss field in the token payload.

For more information about ServiceAccount, see Enable service account token volume projection.

kubernetes.default.svc
api_audiencesstringNo

Service accounts provide identities for pods when pods communicate with the API server of the cluster. api-audiences are used by the API server to check whether the tokens of requests are legitimate.`` Separate multiple audiences with commas (,).

For more information about ServiceAccount, see Enable service account token volume projection.

kubernetes.default.svc
image_idstringNo

Specifies a custom image for nodes. By default, the image provided by ACK is used. You can select a custom image to replace the default image. For more information, see Custom images.

m-bp16z7xko3vvv8gt****
rds_instancesarrayNo

The list of ApsaraDB RDS instances. Select the ApsaraDB RDS instances that you want to add to the whitelist. We recommend that you add the CIDR block of pods and CIDR block of nodes to the ApsaraDB RDS instances in the ApsaraDB RDS console. When you set the ApsaraDB RDS instances, you cannot scale out the number of nodes because the instances are not in the Running state.

stringNo

The list of ApsaraDB RDS instances. Select the ApsaraDB RDS instances that you want to add to the whitelist. We recommend that you add the CIDR block of pods and CIDR block of nodes to the ApsaraDB RDS instances in the ApsaraDB RDS console. When you set the ApsaraDB RDS instances, you cannot scale out the number of nodes because the instances are not in the Running state.

rm-2zev748xi27xc****
tagsarrayNo

The labels that you want to add to nodes. You must add tags based on the following rules:

  • Each label is a case-sensitive key-value pair. You can add up to 20 labels.
  • A key must be unique and cannot exceed 64 characters in length. A value can be empty and cannot exceed 128 characters in length. Keys and values cannot start with aliyun, acs:, https://, or http://. For more information, see Labels and Selectors.
tagNo

The labels that you want to add to nodes. You must add tags based on the following rules:

  • Each label is a case-sensitive key-value pair. You can add up to 20 labels.
  • A key must be unique and cannot exceed 64 characters in length. A value can be empty and cannot exceed 128 characters in length. Keys and values cannot start with aliyun, acs:, https://, or http://. For more information, see Labels and Selectors.
addonsarrayNo

The components that you want to install in the cluster. When you create a cluster, you can set the addons parameter to install specific components.

Network plug-in: required. The Flannel and Terway plug-ins are supported. Select one of the plug-ins for the cluster.

  • Specify the Flannel plug-in in the following format: [{"name":"flannel","config":""}].
  • Specify the Terway plug-in in the following format: [{"name": "terway-eniip","config": ""}].

Volume plug-in: required. The CSI and FlexVolume volume plug-ins are supported.

  • Specify the CSI plug-in in the following format: [{"name":"csi-plugin","config": ""},{"name": "csi-provisioner","config": ""}].
  • Specify the FlexVolume plug-in in the following format: [{"name": "flexvolume","config": ""}].

Simple Log Service component: optional. We recommend that you enable Simple Log Service. If Simple Log Service is disabled, you cannot use the cluster auditing feature.

  • Use an existing Simple Log Service project: [{"name": "logtail-ds","config": "{"IngressDashboardEnabled":"true","sls_project_name":"your_sls_project_name"}"}].
  • To create a Simple Log Service project, specify the component in the following format: [{"name": "logtail-ds","config": "{"IngressDashboardEnabled":"true"}"}].

Ingress controller: optional. By default, the nginx-ingress-controller component is installed in ACK dedicated clusters.

  • To install nginx-ingress-controller and enable Internet access, specify the Ingress controller in the following format: [{"name":"nginx-ingress-controller","config":"{"IngressSlbNetworkType":"internet"}"}].
  • If you do not want to install nginx-ingress-controller, specify the component in the following format: [{"name": "nginx-ingress-controller","config": "","disabled": true}].

Event center: optional. By default, the event center feature is enabled.

You can use Kubernetes event centers to store and query events, and configure alert rules. You can use the Logstores that are associated with Kubernetes event centers for free within 90 days. For more information, see Create and use an event center.

Enable the ack-node-problem-detector component in the following format: [{"name":"ack-node-problem-detector","config":"{"sls_project_name":"your_sls_project_name"}"}].

addonNo

The components that you want to install in the cluster. When you create a cluster, you can set the addons parameter to install specific components.

taintsarrayNo

The taints of the nodes in the node pool. Taints are added to nodes to prevent pods from being scheduled to inappropriate nodes. However, tolerations allow pods to be scheduled to nodes with matching taints. For more information, see Taints and Tolerations.

taintNo

The taints of the nodes in the node pool. Taints are added to nodes to prevent pods from being scheduled to inappropriate nodes. However, tolerations allow pods to be scheduled to nodes with matching taints. For more information, see Taints and Tolerations.

cloud_monitor_flagsbooleanNo

Specifies whether to install the CloudMonitor agent. Valid values:

  • true: installs the CloudMonitor agent.
  • false: does not install the CloudMonitor agent.

Default value: false.

true
platformstringNo

The release version of the operating system. Valid values:

  • CentOS
  • AliyunLinux
  • QbootAliyunLinux
  • Qboot
  • Windows
  • WindowsCore

Default value: CentOS.

CentOS
os_typestringNo

The type of OS. Valid values:

  • Windows
  • Linux

Default value: Linux.

Linux
soc_enabledbooleanNo

Reinforcement based on classified protection. For more information, see ACK reinforcement based on classified protection.

Valid values:

  • true: enables reinforcement based on classified protection.
  • false: disables reinforcement based on classified protection.

Default value: false.

false
cis_enabledbooleanNo

Specifies whether to enable Center for Internet Security (CIS) reinforcement. For more information, see CIS reinforcement.

Valid values:

  • true: enables CIS reinforcement.
  • false: disables CIS reinforcement.

Default value: false.

false
cpu_policystringNo

The CPU management policy of the nodes in a node pool. The following policies are supported if the Kubernetes version of the cluster is 1.12.6 or later.

  • static: allows pods with specific resource characteristics on the node to be granted enhanced CPU affinity and exclusivity.
  • none: specifies that the default CPU affinity is used.

Default value: none.

none
proxy_modestringNo

The kube-proxy mode. Valid values:

  • iptables: iptables is a mature and stable kube-proxy mode. It uses iptables rules to conduct service discovery and load balancing. The performance of this mode is restricted by the size of the Kubernetes cluster. This mode is suitable for Kubernetes clusters that manage a small number of Services.
  • ipvs: IPVS is a high-performance kube-proxy mode. It uses Linux Virtual Server (LVS) to conduct service discovery and load balancing. This mode is suitable for clusters that manage a large number of Services. We recommend that you use this mode in scenarios where high-performance load balancing is required.

Default value: ipvs.

ipvs
node_port_rangestringNo

The node port range. Valid values: 30000 to 65535.

Default value: 30000-32767.

30000~32767
key_pairstringNo

The name of the key pair. You must set this parameter or the login_password parameter.

secrity-key
login_passwordstringNo

The password for SSH logon. You must set this parameter or the key_pair parameter. The password must be 8 to 30 characters in length, and must contain at least three of the following character types: uppercase letters, lowercase letters, digits, and special characters.

Hello@1234
master_countlongNo

The number of master nodes. Valid values: 3 and 5.

Default value: 3.

3
master_vswitch_idsarrayNo

The IDs of the vSwitches that are specified for master nodes. You can specify up to three vSwitches. We recommend that you specify three vSwitches in different zones to ensure high availability.

The number of vSwitches must be the same as that specified in master_count and the same as those specified in master_vswitch_ids.

stringNo

The IDs of the vSwitches that are specified for master nodes. You can specify up to three vSwitches. We recommend that you specify three vSwitches in different zones to ensure high availability.

The number of vSwitches must be the same as that specified in master_count and the same as those specified in master_vswitch_ids.

vsw-2ze3ds0mdip0hdz8i****
master_instance_typesarrayNo

The Elastic Compute Service (ECS) instance types of master nodes. For more information, see Overview of instance families.

stringNo

The instance types of master nodes. The number of specified instance types for master nodes must be the same as that specified in master_count. In addition, the instance types of master nodes must be the same as those specified in master_instance_types. For more information, see Overview of instance families.

ecs.n4.xlarge
master_system_disk_categorystringNo

The type of system disk that you want to use for master nodes. Valid values:

  • cloud_efficiency: ultra disk.
  • cloud_ssd: standard SSD.
  • cloud_essd: ESSD.

Default value: cloud_ssd. The default value may vary in different zones.

cloud_ssd
master_system_disk_sizelongNo

The size of the system disk that you want to use for master nodes. Valid values: 40 to 500. Unit: GiB.

Default value: 120.

120
master_system_disk_performance_levelstringNo

The performance level (PL) of the system disk that you want to use for master nodes. This parameter takes effect only for enhanced SSDs. For more information about the relationship between disk PLs and disk sizes, see ESSDs .

PL1
master_system_disk_snapshot_policy_idstringNo

The ID of the automatic snapshot policy that you want to use for the system disks of master nodes.

sp-2zej1nogjvovnz4z****
master_instance_charge_typestringNo

The billing method of master nodes. Valid values:

  • PrePaid: subscription.
  • PostPaid: pay-as-you-go.

Default value: PostPaid.

PrePaid
master_period_unitstringNo

The billing cycle of master nodes. This parameter is required if master_instance_charge_type is set to PrePaid.

Set the value to Month. Master nodes are billed only on a monthly basis.

Month
master_periodlongNo

The subscription duration of master nodes. This parameter takes effect and is required only if master_instance_charge_type is set to PrePaid.

Valid values: 1, 2, 3, 6, 12, 24, 36, 48, and 60.

Default value: 1.

1
master_auto_renewbooleanNo

Specifies whether to enable auto-renewal for master nodes. This parameter takes effect only if master_instance_charge_type is set to PrePaid. Valid values:

  • true: enables auto-renewal.
  • false: disables auto-renewal.

Default value: true.

true
master_auto_renew_periodlongNo

The auto-renewal period for master nodes after the subscriptions of master nodes expire. This parameter takes effect and is required only if the subscription billing method is selected for master nodes.

Valid values: 1, 2, 3, 6, and 12.

Default value: 1.

1
num_of_nodeslongNo

The number of worker nodes. Valid values: 0 to 100.

3
vswitch_idsarrayYes

The vSwitches that are specified for nodes in the cluster. This parameter is required when you create a managed Kubernetes cluster that does not contain nodes.

stringNo

The vSwitches that are specified for nodes in the cluster. This parameter is required when you create a managed Kubernetes cluster that does not contain nodes.

vsw-2ze3ds0mdip0hdz8i****
worker_vswitch_idsarrayNo

The list of vSwitches that are specified for nodes. Each node is allocated a vSwitch.

The worker_vswitch_ids parameter is optional but the vswitch_ids parameter is required when you create an ACK managed cluster that does not contain nodes.

stringNo

The list of vSwitches that are specified for worker nodes. You can specify 1 to 20 vSwitches. We recommend that you select vSwitches in different zones to ensure high availability.

The worker_vswitch_ids parameter is optional but the vswitch_ids parameter is required when you create an ACK managed cluster that does not contain nodes.

vsw-2ze3ds0mdip0hdz8i****
worker_instance_typesarrayNo

The instance configurations of worker nodes.

stringNo

The ECS instance types of worker nodes. You must specify at least one instance type. For more information, see Overview of instance families.

Note The instance types are listed in descending order of priority. If the system fails to create worker nodes with the instance type of the highest priority, the system attempts to create worker nodes with the instance type of the lower priority.
ecs.n4.large
worker_system_disk_categorystringNo

The category of the system disk that you attach to the worker node. For more information, see Elastic Block Storage devices.

Valid values:

  • cloud_efficiency: ultra disk.
  • cloud_ssd: standard SSD.

Default value: cloud_ssd.

cloud_efficiency
worker_system_disk_sizelongNo

The size of the system disk that you want to use for worker nodes. Unit: GiB.

Valid values: 40 to 500.

The value of this parameter must be at least 40 and no less than the image size.

Default value: 120.

120
worker_system_disk_snapshot_policy_idstringNo

The ID of the automatic snapshot policy that you want to use for the system disks of worker nodes.

sp-2zej1nogjvovnz4z****
worker_system_disk_performance_levelstringNo

If the system disk is an ESSD, you can set the PL of the ESSD. For more information, see ESSDs .

Valid values:

  • PL0
  • PL1
  • PL2
  • PL3
PL1
worker_data_disksobject []No

The configuration of the data disk that is mounted to worker nodes. The configuration includes disk type and disk size.

categorystringYes

The data disk type.

cloud_essd
encryptedstringNo

Specifies whether to encrypt a data disk. Valid values:

  • true: encrypts a data disk.
  • false: does not encrypt a data disk.

Default value: false.

true
sizestringYes

The size of the data disk. Valid values: 40 to 32767.

120
performance_levelstringNo

The performance level (PL) of a data disk. This parameter takes effect only on ESSDs. You can specify a higher PL if you increase the size of a data disk. For more information, see ESSDs .

PL1
worker_instance_charge_typestringNo

The billing method of worker nodes. Valid values:

  • PrePaid: subscription.
  • PostPaid: pay-as-you-go.

Default value: PostPaid.

PrePaid
worker_period_unitstringNo

The billing cycle of worker nodes. This parameter is required if worker_instance_charge_type is set to PrePaid.

Set the value to Month. Worker nodes are billed only on a monthly basis.

Month
worker_periodlongNo

The subscription duration of worker nodes. This parameter takes effect and is required only if worker_instance_charge_type is set to PrePaid.

Valid values: 1, 2, 3, 6, 12, 24, 36, 48, and 60.

Default value: 1.

1
worker_auto_renewbooleanNo

Specifies whether to enable auto-renewal for worker nodes. This parameter takes effect only if worker_instance_charge_type is set to PrePaid. Valid values:

  • true: enables auto-renewal.
  • false: disables auto-renewal.

Default value: true.

true
worker_auto_renew_periodlongNo

The auto-renewal period for worker nodes after the subscriptions of worker nodes expire. This parameter takes effect and is required only if the subscription billing method is selected for worker nodes.

Valid values: 1, 2, 3, 6, and 12.

1
instancesarrayNo

The list of existing ECS instances that are specified as worker nodes for the cluster.

Note This parameter is required when you create worker nodes on existing ECS instances.
stringNo

The list of existing ECS instances that are specified as worker nodes for the cluster.

Note This parameter is required when you create worker nodes on existing ECS instances.
i-2ze4zxnm36vq00xn****
format_diskbooleanNo

Specifies whether to mount a data disk to a node that is created based on an existing ECS instance. Valid values:

  • true: stores the data of containers and images on a data disk. Back up the existing data on the data disk first.
  • false: does not store the data of containers and images on a data disk.

Default value: false.

How to mount a data disk:

  • If an ECS instance has data disks mounted and the file system of the last data disk is not initialized, the system automatically formats the data disk to ext4. Then, the system mounts the data disk to /var/lib/docker and /var/lib/kubelet.
  • If no data disk is attached to the ECS instances, the system does not purchase a new data disk.
false
keep_instance_namebooleanNo

Specifies whether to retain the names of existing ECS instances that are used in the cluster. Valid values:

  • true: retains the names.
  • false: does not retain the names. The new names are assigned by the system.

Default value: true.

true
service_discovery_typesarrayNo

The type of service discovery that is implemented in the ACK Serverless cluster.

  • CoreDNS: a standard service discovery plug-in provided by open source Kubernetes. To use the Domain Name System (DNS) resolution, you must provision pods. By default, two elastic container instances are used. The specification of each instance is 0.25 CPU cores and 512 MiB of memory.
  • PrivateZone: a DNS resolution service provided by Alibaba Cloud. You must activate Alibaba Cloud DNS PrivateZone before you can use it for service discovery.

By default, this parameter is not specified.

stringNo

The type of service discovery that is implemented in the ACK Serverless cluster.

  • CoreDNS: a standard service discovery plug-in provided by open source Kubernetes. To use the Domain Name System (DNS) resolution, you must provision pods. By default, two elastic container instances are used. The specification of each instance is 0.25 CPU cores and 512 MiB of memory.
  • PrivateZone: a DNS resolution service provided by Alibaba Cloud. You must activate Alibaba Cloud DNS PrivateZone before you can use it for service discovery.

By default, this parameter is not specified.

PrivateZone
nat_gatewaybooleanNo

Specifies whether to create a NAT gateway and configure Source Network Address Translation (SNAT) rules when the system creates the ACK Serverless cluster. Valid values:

  • true: automatically creates a NAT gateway and configures SNAT rules. This enables Internet access for the VPC in which the cluster is deployed.
  • false: does not create a NAT gateway or configure SNAT rules. In this case, the cluster in the VPC cannot access the Internet.

Default value: false.

true
zone_idstringNo

The ID of the zone in which the cluster is deployed. This parameter takes effect in only ACK Serverless clusters.

When you create an ACK Serverless cluster, you must configure zone_id if vpc_id and vswitch_ids are not configured. This way, the system automatically creates a VPC in the specified zone.

cn-beiji****
profilestringNo

The identifier that indicates whether the cluster is an ACK Edge cluster. To create an ACK Edge cluster, you must set this parameter to Edge.

  • Default: The cluster is not an ACK Edge cluster.
  • Edge: The cluster is an ACK Edge cluster.
Default
logging_typestringNo

Specifies whether to enable Simple Log Service for the cluster. Set the value to SLS. This parameter takes effect only for ACK Serverless clusters.

SLS
controlplane_log_ttlstringNo

The retention period of control plane logs in days.

30
controlplane_log_projectstringNo

The Simple Log Service project that is used to store the logs of control plane components. You can use an existing project or create one. If you choose to create a Simple Log Service project, the created project is named in the k8s-log-{ClusterID} format.

k8s-log-xxx
controlplane_log_componentsarrayNo

The list of control plane components for which you want to enable log collection.

By default, the logs of kube-apiserver, kube-controller-manager, and kube-scheduler are collected.

stringNo

The list of control plane components for which you want to enable log collection.

By default, the logs of kube-apiserver, kube-controller-manager, and kube-scheduler are collected.

["apiserver","kcm","scheduler"]
deletion_protectionbooleanNo

Specifies whether to enable deletion protection for the cluster. If deletion protection is enabled, the cluster cannot be deleted in the ACK console or by calling API operations. Valid values:

  • true: enables deletion protection for the cluster. This way, the cluster cannot be deleted in the ACK console or by calling API operations.
  • false: disables deletion protection for the cluster. This way, the cluster can be deleted in the ACK console or by calling API operations.

Default value: false.

true
disable_rollbackbooleanNo

Specifies whether to perform a rollback if the cluster fails to be created. Valid values:

  • true: performs a rollback if the system fails to create the cluster.
  • false: does not perform a rollback if the system fails to create the cluster.

Default value: true.

true
timeout_minslongNo

Specifies the timeout period of cluster creation. Unit: minutes.

Default value: 60.

60
image_typestringNo

The type of OS distribution that you want to use. To specify the node OS, we recommend that you use this parameter. Valid values:

  • CentOS
  • AliyunLinux
  • AliyunLinux Qboot
  • AliyunLinuxUEFI
  • AliyunLinux3
  • Windows
  • WindowsCore
  • AliyunLinux3Arm64
  • ContainerOS

Default value: CentOS.

AliyunLinux
load_balancer_specstringNo

The specification of the Server Load Balancer (SLB) instance. Valid values:

  • slb.s1.small
  • slb.s2.small
  • slb.s2.medium
  • slb.s3.small
  • slb.s3.medium
  • slb.s3.large

Default value: slb.s2.small.

slb.s2.small
enable_rrsabooleanNo

Specifies whether to enable the RAM Roles for Service Accounts (RRSA) feature.

true
resource_group_idstringNo

The ID of the resource group to which the cluster belongs. You can use resource groups to isolate clusters.

rg-acfm3mkrure****
charge_typestringNo

The billing method of the cluster.

1
period_unitstringNo

The unit of the subscription duration.

Month
periodlongNo

The subscription duration.

FY2023
ip_stackstringNo

The cluster IP stack.

Optional value: IPv4 (Single stack) or IPv6 (Dual Stack) Default value: IPV4
nodepoolsarrayNo

The list of node pools.

nodepoolNo

The node pool configurations.

access_control_listarrayNo

The network access control list (ACL) of the SLB instance associated with the API server if the cluster is a registered cluster.

stringNo

The network access control list (ACL) of the SLB instance associated with the API server if the cluster is a registered cluster.

192.168.1.0/24

Response parameters

ParameterTypeDescriptionExample
object

The returned data.

cluster_idstring

The ID of the cluster.

cb95aa626a47740afbf6aa099b650****
request_idstring

The request ID.

687C5BAA-D103-4993-884B-C35E4314A1E1
task_idstring

The task ID.

T-5a54309c80282e39ea00002f

Examples

Sample success responses

JSONformat

{
  "cluster_id": "cb95aa626a47740afbf6aa099b650****",
  "request_id": "687C5BAA-D103-4993-884B-C35E4314A1E1",
  "task_id": "T-5a54309c80282e39ea00002f"
}

Examples

Sample success responses

JSONformat

{
    "cluster_id": "cb95aa626a47740afbf6aa099b650****",
    "task_id": "T-5a54309c80282e39ea00002f",
    "request_id": "687C5BAA-D103-4993-884B-C35E4314A1E1"
}

XMLformat

<cluster_id>cb95aa626a47740afbf6aa099b650****</cluster_id>
<task_id>T-5a54309c80282e39ea00002f</task_id>
<request_id>687C5BAA-D103-4993-884B-C35E4314A1E1</request_id>

Error codes

For a list of error codes, visit the Service error codes.

Change history

Change timeSummary of changesOperation
2023-08-21The internal configuration of the API is changed, but the call is not affectedsee changesets
Change itemChange content
The internal configuration of the API is changed, but the call is not affected.
2023-08-08The internal configuration of the API is changed, but the call is not affectedsee changesets
Change itemChange content
The internal configuration of the API is changed, but the call is not affected.
2022-09-23The internal configuration of the API is changed, but the call is not affectedsee changesets
Change itemChange content
The internal configuration of the API is changed, but the call is not affected.
2022-08-02The internal configuration of the API is changed, but the call is not affectedsee changesets
Change itemChange content
The internal configuration of the API is changed, but the call is not affected.
2021-11-24The internal configuration of the API is changed, but the call is not affectedsee changesets
Change itemChange content
The internal configuration of the API is changed, but the call is not affected.